Subrion is an open-source PHP content management system which has always aimed to be as comprehensive as possible in terms of functionality, whilst holding true to it’s user-friendly ethos.

The development team behind Subrion CMS – Intelliants, have recently announced a major update for their flagship content management system, calling it Subrion CMS 3.
Key features such as full source editing, per-page permissions and extensive plugin options have always been part of the platform, but now with a host of improvements recently launched along with Subrion CMS 3, users are in for a far more powerful Subrion experience. Let’s explore how.

Enhanced Admin Dashboard, Plugin Installation & Fields Management

The most obvious improvement introduced by Subrion CMS 3, is the enhanced admin dashboard. The core version comes in a selection of 5 different colours by default, making it easy to customize your experience right out of the box.

The brand new dashboard, along with its 5 bundled colours, is extremely easy on the eyes, and even simpler to use, thanks to bold menus and logically grouped tools and features which makes managing content a breeze.

This new user interface is sleek and organized, allowing you to access different areas of your Subrion admin panel with ease, whilst also displaying key content such as Twitter news and recent activity via the main dashboard.

Remote Plugin installation

Subrion CMS 3 also brings about remote plugin installation, which scraps the need for manual downloading and uploading of plugins via FTP.

Instead, a simple three-step process is all you need to worry about. Once you navigate over to the Plugins page on your admin panel, you can select the Remote Mode filter for your available plugins, and then click install. It’s that easy.

Improved Fields Management

You can also look forward to improved fields management features for item listings. Whether the fields relate to members, auto listing, real estate listing, coupons, or anything else, you can easily extend your listings with the additional fields.

Fields can be created in many different forms, including, text field, WYSIWYG, checkboxes, radios, pictures, attachments, and much more.

The best part is, there is no need to make any PHP/HTML changes, as you can have complete control over your fields right from the admin panel.

Built-In Blogging & Professional Templates

With Subrion CMS 3 also comes bundled with a built-in blogging functionality, which means there is no need to combine Subrion with any other blogging platform or content management system in order to create a blog.

The latest version of Subrion also introduces a new iaBootstrap template framework, which is based on Twitter Bootstrap 2. The framework simplifies new template development for Subrion CMS, providing all templates with a responsive nature.

Speaking of responsive design, Subrion CMS 3 ensures that both its templates and admin dashboard can be viewed via mobile browsers, so you can manage your content easily – anywhere you go.

Premium Extension Packages, Major Re-factoring & a 20% Discount

With version 3 of their platform, Subrion were aiming to make their software more scalable, reliable, and stable than every before – and they did just that.

This is due to some major re-factoring work, with improvements to nearly 90% of Subrion’s core code. Major improvements include improved PHP 5 support, and the addition of MySQLi support.

Along with all these Subrion CMS 3 enhancements, you can also extend the default functionality of the platform instantly, with 6 premium extension packages.

These paid premium packages allow you to add further functionality in terms of article publishing, coupons, real estate listings, directory listings, and more.

There is also some great news for Softaculous & Webuzo readers. Subrion have kindly offered a 20% discount off all orders, including on their Premium Extension Packages which are detailed above.

To claim your discount, simply use the discount code, “SOFTACULOUS” upon checkout.

On 24 Oct 2013 06:15:39 +0000 Google started saying www.php.net was hosting malware. The Google Webmaster Tools were initially quite delayed in showing the reason why and when they did it looked a lot like a false positive because there were some minified/obfuscated javascript being dynamically injected into userprefs.js. This looked suspicious, but it was actually written to do exactly that so we were quite certain it was a false positive.

It turned out that by combing through the access logs for static.php.net it was periodically serving up userprefs.js with the wrong content length and then reverting back to the right size after a few minutes. This is due to an rsync cron job. So the file was being modified locally and reverted. Google’s crawler caught one of these small windows where the wrong file was being served.

The php.net systems team have audited every server operated by php.net, and have found that two servers were compromised: the server which hosted the www.php.net, static.php.net and git.php.net domains, and was previously suspected based on the JavaScript malware, and the server hosting bugs.php.net. The method by which these servers were compromised is unknown at this time.

All affected services have been migrated off those servers. PHP.net team have verified that their Git repository was not compromised, and it remains in read only mode as services are brought back up in full.

To summarize, the situation right now is that:

JavaScript malware was served to a small percentage of php.net users from the 22nd to the 24th of October 2013.

Neither the source tarball downloads nor the Git repository were modified or compromised.

Two php.net servers were compromised, and have been removed from service. All services have been migrated to new, secure servers.

SSL access to php.net Web sites is temporarily unavailable until a new SSL certificate is issued and installed on the servers that need it.

Over the next few days :

php.net users will have their passwords reset. Note that users of PHP are unaffected by this: this is solely for people committing code to projects hosted on svn.php.net or git.php.net.

The WordPress security team resolved three security issues, and this release also contains some additional security hardening.

The security fixes include :

Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution.

Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user.

Fix insufficient input validation that could result in redirecting or leading a user to another website.

The additional security hardening include:

Updated security restrictions around file uploads to mitigate the potential for cross-site scripting. The extensions .swf and .exe are no longer allowed by default, and .htm and .html are only allowed if the user has the ability to use unfiltered HTML.

WHMCS has released new patches for the 4.5, 5.0, 5.1, and 5.2 minor releases. These updates provide targeted changes to address security concerns with the WHMCS product. You are highly encouraged to update immediately.

WHMCS has rated these updates as including critical or important security impacts.

Releases
The following full-release versions of WHMCS have been published and address all known vulnerabilities:5.2.6

The latest public releases of WHMCS are available inside members area at WHMCS.

WHMCS has been updated to 5.2.6 in Softaculous as well. If you have Softaculous installed on your server you can upgrade to the latest version of WHMCS via Softaculous.

PLEASE NOTE: The 4.5 series reached End Of Life as of June 30th 2013. WHMCS is aware that some customers have not moved to an LTS version due to the newness of the LTS policy. The related 4.5 patch release published along with this Security Advisory is provided as a courtesy to those customers. From this point forward, there will be no more patches provided for 4.5 or any other release that has reached EOL.

There is no reason to believe that these vulnerabilities are known to the public. As such, WHMCS will only release limited information regarding the vulnerabilities at this time.

Once sufficient time has passed to allow WHMCS customers to update their installed software, WHMCS will release additional information regarding the nature of the security issue.

Oxwall is a fast-growing open source project that aims at creating a new generation community site platform. Oxwall aims at a wide range of audiences – starting from small private family websites up to top level destinations for millions users.

It is possible because of the flexibility that Oxwall provides. Oxwall Store contains hundreds of actively supported plugins and themes by Oxwall Foundation, 3rd party developers, and designers. You can have any combination of plugins set up, the way you need them in your particular case.

Oxwall is also a robust product that scales to millions users. Check Wall.fm, which is a commercial cloud solution for Oxwall. It hosts tens thousands active community websites and niche social networks, and works on the Oxwall platform.

Today it’s really hard to find an actively developed, commercial quality open source piece of software with a growing community of 3rd party developers. Oxwall is just that and we have big plans for the future of the social web.

Zurmo is an Open Source Customer Relationship Management (CRM) application that is mobile, social, and gamified. We use a test-driven methodology for building every part of the application.

Recently Zurmo team released version 1.5 which adds several new features which makes Zurmo a better CRM. The latest version of Zurmo can be installed with just one click via Softaculous.

This is a short list of new features added to Zurmo 1.5 :

1) Advanced Reporting

Create Reports from Accounts, Contacts, Leads, Meetings, Notes, Opportunities, or Tasks. Report types include Matrix, Rows and Columns, and Summation. A Report Wizard guides users through the process of creating reports that they can save and generate as needed.

2) Workflow

Create rules that trigger alerts or actions in the system. Workflows are divided into two main categories:

“On Save” – appropriate for keeping track of events as they occur, such as a won opportunity.

“Time-Based” – help users keep track of upcoming or elapsed events. A wizard also aids in the creation of workflows, where users drag and drop triggers and rules.

3) Marketing Lists

Allow users to segment Leads, Contacts, and Account records according to parameters set by advanced searches or reports. With the release of Zurmo 2.0, Marketing Lists will be employed in sending mass emails.

4) Email Templates

Both plain text and HTML Email Templates can now be created in Zurmo. Users have the ability to include reader-specific dynamic information into emails. For example, a salutation in an email is personalized according to the recipient’s first name.

5) Full Mobile Accessibility

Responsive design makes Zurmo accessible on tablets, mobile, and other small displays. Additionally, users can switch to mobile view while using the application on a desktop sized display. This is useful in scenarios where a user needs to run other applications, but still maintain minimal access to Zurmo on the side.

6) Enhanced Language Tool

The Zurmo Language Tool is powered by a Drupal l10n server. It integrates with the Zurmo.org Community Forums, where members can contribute within teams corresponding to specific language translations. Suggestions are actively checked and moderated by other team members. Thanks to the tool, Zurmo is being translated into over 20 languages.

7) Unified Inbox

All Conversations, Missions, and Notifications are aggregated in the Unified Inbox. Designate inbox items as read, open, or closed. Search through communication objects.

8) Upload Company Logos

Organizations can personalize implementations by uploading their own company logos.

If you run a high traffic WordPress installation you will want to optimize WordPress and your server to run as efficiently as possible. This article gives a general overview of the avenues to pursue. It’s not a detailed technical explanation of each aspect.

The optimization techniques available to you will depend on your hosting setup. This article is divided into categories according to hosting type.

1) Shared Hosting :

This is the most common type of hosting. Your site will be hosted on a server along with many others. The hosting company manages the web server for you, so you have very little control over server settings and so on. The areas most relevant to this type of hosting are :

Caching : WordPress caching is the fastest way to improve performance. Plugins like W3 Total Cache or WP Super Cache can be easily installed and will cache your WordPress posts and pages as static files. These static files are then served to users, reducing the processing load on the server. This can improve performance several hundred times over for fairly static pages.

WordPress Performance : The first and easiest way to improve WordPress performance is plugins. Deactivate and delete any unnecessary plugins. Try selectively disabling plugins to measure server performance. Is one of your plugins significantly affecting your site’s performance?
Then you can look at optimizing plugins. Are plugins coded inefficiently? Do they repeat unnecessary database queries? WordPress has its own caching system, so generally speaking, using functions like get_option(), update_option() and so on will be faster than writing SQL.

2) Virtual / Dedicated Server :

In this hosting scenario you have control over your own server. The server might be a dedicated piece of hardware or one of many virtual servers sharing the same physical hardware. The key thing is, you have control over the server settings. In addition to the areas above Caching and WordPress performance, you can follow the below techniques to optimize your server :

Server Optimization :

DNS: If you host your DNS on external servers this will reduce the load on your primary web server. It’s a simple change, but it will offload some traffic and cpu load.

Web Server: Your web server can be configured to increase performance. There are a range of techniques from web server caching to setting cache headers to reduce load per visitor. Search for your specific web server optimizations (for example, search for “apache optimization” for more info).

PHP: There are various PHP accelerators available which can dramatically improve performance of your PHP files. This will apply to all PHP files, not just your WordPress installation. Search for PHP optimization for more information, f.e. APC.

MySQL: MySQL optimization is a black art in itself. A few simple changes to the query cache settings can have a dramatic effect on WordPress performance because WordPress repeats a lot of queries on every request. Search for mysql optimization for more.

Offloading :

Static Content : Any static files can be offloaded to another server. For example, any static images, JavaScript or CSS files can be moved to a different server. This is a common technique in very high performance systems (Google, Flickr, YouTube, etc) but can also be helpful for smaller sites where a single server is struggling. Also, moving this content onto different hostnames can lay the groundwork for multiple servers in the future.Some web servers are optimized to serve static files and can do so far more efficiently than more complex web servers like Apache, for example publicfile or lighttpd.

Multiple Hostnames : There can also be user improvements by splitting static files between multiple hostnames. Most browser will only make 2 simultaneous requests to a server, so if you page requires 16 files they will be requested 2 at a time. If you spread that between 4 host names they will be requested 8 at a time. This can reduce page loading times for the user, but it can increase server load by creating more simultaneous requests. Also, known is “pipelining” can often saturate the visitor’s internet connection if overused.

Offloading images is the easiest and simplest place to start. All images files could be evenly split between three hostnames (assets1.yoursite.com, assets2.yoursite.com, assets3.yoursite.com for example). As traffic grows, these hostnames could be moved to your own server. Note: Avoid picking a hostname at random as this will affect browser caching and result in more traffic and may also create excessive DNS lookups which do carry a performance penalty.

Likewise any static JavaScript and CSS files can be offloaded to separate hostnames or servers.

So, you’ve got something to sell? Great! In as little as 15 minutes you can be selling your products with software that grows with you, regardless of your experience on the web. With Softaculous, you can install ShopSite with a single click which makes it incredibly easy to get your online store up and running!! The quickest way to find ShopSite on Softaculous is to search for ShopSite from within your Softaculous account. ShopSite on Softaculous will install a try-before-you-buy ShopSite Pro demo store – showcasing the best online shopping cart software we have to offer. Now you can see for yourself how fast it is to get started and get your store front online!

What can you expect from ShopSite?

How about:

A wizard that will walk you through all of the steps necessary to create web pages, populate them with your products, and publish them to the internet

Order Anywhere buttons that can be placed wherever HTML is supported, allowing you to sell practically anywhere on the web – you can sell products from your blog or via email

Scalable software that will work for all sorts of companies, from a single employee to multiple departments and everything in between

Software updates match trends in eCommerce, SEO, and web development

Mobile ready pages for customers on the go

Social media integration to better interact with your customers, current and future